Skip to main content

S M Cms

3 CVEs product

Monthly

CVE-2024-3816 CRITICAL Act Now

Sites managed in S@M CMS (Concept Intermedia) might be vulnerable to a blind SQL Injection executed using the search bar. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi S M Cms
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2024-3801 MEDIUM This Month

Sites managed in S@M CMS (Concept Intermedia) might be vulnerable to Reflected XSS via including scripts in one of GET header parameters. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS S M Cms
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2024-3800 MEDIUM This Month

Sites managed in S@M CMS (Concept Intermedia) might be vulnerable to Reflected XSS via including scripts in requested file names. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS S M Cms
NVD
CVSS 3.1
6.1
EPSS
0.3%
EPSS 0% CVSS 9.8
CRITICAL Act Now

Sites managed in S@M CMS (Concept Intermedia) might be vulnerable to a blind SQL Injection executed using the search bar. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi S M Cms
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Sites managed in S@M CMS (Concept Intermedia) might be vulnerable to Reflected XSS via including scripts in one of GET header parameters. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS S M Cms
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Sites managed in S@M CMS (Concept Intermedia) might be vulnerable to Reflected XSS via including scripts in requested file names. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS S M Cms
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy